ntpc information security peeyush arya 19 th december, 2015 1
DESCRIPTION
Growth of NTPC 3 Installed Capacity in MW NTPC was set up in 1975 to supplement efforts of States to add generation capacity With 25% share of generation, NTPC is the base load provider for the country NTPC was set up in 1975 to supplement efforts of States to add generation capacity With 25% share of generation, NTPC is the base load provider for the country 11,000 MW added during last 4 years. Focus on high efficiency super critical units. Diversifying into hydro, renewables and coal mining. 11,000 MW added during last 4 years. Focus on high efficiency super critical units. Diversifying into hydro, renewables and coal mining.TRANSCRIPT
IT @ NTPCInformation SecurityPeeyush [email protected] December, 2015
1
Agenda
• About NTPC
• NTPC’s IT Adoption Journey – Project Lakshya
• Introduction, Terminology & Types of IT Security Threats
• IT Security Infrastructure at NTPC
2
Growth of NTPC
3
1981-82 1990-91 2001-02 2008-09 2012-13 2013-14200
10,000+
20,000+
30,000+
40,000+ 43,000+
Installed Capacity in MW
• NTPC was set up in 1975 to supplement efforts of States to add generation capacity
• With 25% share of generation, NTPC is the base load provider for the country
• 11,000 MW added during last 4 years.
• Focus on high efficiency super critical units.
• Diversifying into hydro, renewables and coal mining.
NTPC stations have the highest PLF in the country
Central (excl NTPC) State Private NTPC
61% 59%62%
82%
FY14 – NTPC’s four coal based stations achieved more than 90% PLF 4
FY14
NTPC helps in turning around underperforming stations taken over from States
5These stations are now performing at par with other NTPC stations
Unchahar Talcher Tanda Kanti
18% 19% 15%
0%
86%95% 93%
80%
At Takeover FY 14
1992 1995 20002007
Today45 GW
Coal Gas Nuclear Hydro Renewables
56%
16%
11%
8%9%
• Over 23 GW under construction; 18 GW under planning• PPAs in place for 104 GW• Additional ~20 GW capacity also possible through expansion at
existing stations
Planning for Accelerated Growth
6
2032128 GW
86%
14%%
Key Issues Integration Enterprise wide
visibility Single version of
“truth” Senior management
reporting Financial closure &
reconciliations Material codification
and inventory management
Employee empowerment through self service & knowledge management
Corporate
COTS Custom Application Spreadsheet / Low system usage
Location 1
Location 2
Location 24
Location 25
Finance HR Procurement Billing Asset Mgmt.
Quality Mgmt Engineering Operation &Maintenance Project Mgmt Environment
Safety
OLIMFAS(Decentralized At 25 Locations)
Peoplesoft OLIMFAS ICMS Anurakshan
Windsor
Wipro E-tendering
Dreams Primavera PMSOPPMS
GDAMS
Pre-ERP Disparate Application Landscape Did Not Support NTPC’s Business Goals
7
C&M F&A
Project Management
Planning
Maintenance
Business Application Layer
Extranet
Intranet, Knowledge Portal
Messaging/ email
Business Warehouse
Add-on’s or Bolt-on’sseamlessly integrated
Local Reqts
Integrated Core
Illustrative End state architecture
Mining
Distribution
R&D
Analytical Toolkits
Operations
SCADA, GDAMS, OPPMS
Environment, R&R, Ash Utilisation
GIS, PMS
EDMS Design
Engg. & QAConsultancy Commercial and Billing
TPT/ABT
HR
MS
HR
Trading
How We Changed - Post ERP Applications Scenario
8
Project Lakshya : Major Achievements
9
1. End to end mapping of all the business process from Concept to Commissioning & Post Commissioning stage of a typical Power Station, using various SAP functionality
2. Introduction of internal and external (vendor) Collaboration for various Engineering and non-engineering activities
3. Creation and standardization of Engineering knowledge-base and introduction of “Building block” concept for re-use of design & shorter project development time
4. Implementation of “Fuel management” functionality to meet the business requirement of capturing, tracking and handling of data relating to fuel company as well as the Railways
5. Energy Billing as per Availability Based Tariff in IS-U6. Centralized Payroll and employee self service for all the 25000 employees
across diverse locations7. Visible and immediate benefits from e-tendering and reverse auctions
enabled by the SRM platform8. NTPC specific enhancements along with work-flows in Claims and
reimbursements, Leave travel concession (LTC), Loan application
Importance of IT Security• Information is the oxygen of the modern age.• In the current environment, almost everything is IT enabled.• Wide variety of personal, financial and organizational assets
are in digital form.• Social life of individuals is increasingly becoming IT centric.• Crime related to IT is progressing in tandem with IT growth.
10
Why IT Security is a concern?• Privacy Concerns• Copyright Violations• Identity Theft• Resource Violations• Reputation Protection• Meet Expectations• Laws & Regulations
11
Cyber Security Terminology• Vulnerability
• A Weakness which allows an attacker to reduce a system's information security.
• Attribute of the system itself.• Vulnerability CAN be treated or patched.
• Zero day Vulnerability• A zero-day vulnerability is previously unknown vulnerability in a
software, which gets exploited or attacked.• It is called zero-day, since the developer has had no time to fix it,
and no patch has been released for it yet.
12
Cyber Security Terminology• Threat
• A threat is an agent that may want to harm the target organization.
• Threats include organized crime, spyware, malware, adware companies, and disgruntled internal employees.
• Hackers• A hacker is someone who seeks and exploits weaknesses in a
computer system or a computer network• Blackhat: violates computer security for maliciousness or for
personal gain• Whitehat : breaks security for non-malicious reasons.• Script Kiddies: An unskilled hacker who breaks into computer
systems by using automated tools written by others 13
Types of IT Security Threats• Password Cracking
• Password cracking is the process of recovering passwords from data that have been stored in or transmitted by a computer system.
• Common methods of Password Cracking• Dictionary attacks• Brute Force attacks• Key loggers• Phishing• Social Engineering
14
IT Security Infrastructure at NTPC
• Perimeter Firewall with IPS (HA) at DC and DR
• FW & IPS for LAN Security• SIEM (Security Information & Event
Management)• Privileged User Management
15
Perimeter Firewall at DC and DR
• Fortigate 1000C in High availability• Next generation Firewall with Application control and
Intrusion prevention system• Blocking based on Geo-location possible.
16
Internal Security
Firewall & IPS (Fortigate 800C) deployed for securing ERP network from Internal side attacks.
17
Q & A
19
Thank You
20